Owners of jailbroken iPhones who haven't changed their passwords have been rickrolled by a new worm. (Source: Sophos)

Worm is first known iPhone worm, originated in Australia, may be spreading overseas

Rick Astley, an English
singer-songwriter and musician, first became famous for his 1987 hit
"Never Gonna Give You Up". The music industry in the
1990s gave up on Astley, but Astley didn't give up on it. He
managed to recapture attention in 2007 thanks to one of the most
infamous viral video crazes. Links popped up all around the
internet to Astley's hit and the term
"rickrolling", originally referring to tricking people
into watching the video, became a common colloquialism.

Now an
internet worm is achieving what Apple has been unable
to do -- punish those with jailbroken iPhones (phones freed of
Apple's app restrictions). Sophos, a leading security firm,
appears to be the first to have
investigated the amusing virus. The virus
"rickrolls" users, changing their wallpaper to an image of
Rick Astley. It appears to do little else other than spreading
to other jailbroken iPhones in the user's contact list.

The
worm can infect any jailbroken iPhone with SSH installed and an unchanged default
password. The password on jailbroken iPhones defaults to
"alpine". Users can change this by installing the
MobileTerminal app, available from the Cydia
underground app store, and typing the command passwd.
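The exposure described above needs three things at once: an SSH daemon, root allowed to log in, and password authentication. The following added example (not from the article or from Sophos) audits the global section of an OpenSSH sshd_config for that combination. The function names, the sample config and the assumed defaults are illustrative assumptions.

```python
import re

# Constructed sample config for illustration, not taken from a real device.
SAMPLE_CONFIG = """\
# constructed sample
Port 22
PermitRootLogin yes
#PasswordAuthentication no
permitrootlogin no
"""

# Assumed values when a keyword is absent. Older OpenSSH builds default
# PermitRootLogin to "yes"; newer ones default to "prohibit-password".
DEFAULTS = {"permitrootlogin": "yes", "passwordauthentication": "yes"}

# "Keyword value" or "Keyword=value"; keywords are case-insensitive.
LINE_RE = re.compile(r"(\w+)(?:\s*=\s*|\s+)(.*)")


def effective_settings(config_text, defaults=DEFAULTS):
    """Return the effective value of each keyword in the global section."""
    seen = {}
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue  # blank lines and comments carry no settings
        m = LINE_RE.fullmatch(line)
        if not m:
            continue
        keyword, value = m.group(1).lower(), m.group(2).strip().strip('"')
        if keyword == "match":
            break  # conditional Match blocks are out of scope for this check
        seen.setdefault(keyword, value)  # sshd uses the first value obtained
    return {**defaults, **seen}


def root_password_login_allowed(config_text):
    """True when root can authenticate over SSH with a password alone."""
    s = effective_settings(config_text)
    return (s["permitrootlogin"].lower() == "yes"
            and s["passwordauthentication"].lower() == "yes")
```

A True result means the device depends entirely on the strength of the root password, so changing it with passwd as described above is the minimum step.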

While
the Rick Astley worm appears to be mostly confined to Australia at
this point, European iPhone users with jailbroken phones received a
similar
surprise last week. A Dutch hacker sent numerous users with
jailbroken iPhones a message, demanding they pay him 5 euros.
Like the Astley virus, the hacker took advantage of the fact that
many users have jailbroken iPhones with unchanged passwords. A
"trivial" port discovery and login via the SSH protocol
later, the hacker was able to post his ransom demand.

The
hacker has since recanted and stopped asking people for PayPal
payments, and has now posted free instructions on how to protect
jailbroken iPhones. While these incidents may have been mere
annoyances, it seems only a matter of time before an actual
malicious virus is unleashed on the jailbroken iPhone community.

Comments

Isn't it kinda Apple's fault for having such an insecure product, why can you just ssh into it? Why is it listening on that port or why is the service even started? Really there are many why's Apple did all of this, but leads down to one thing, and that is I would never trust my personal data with any of their operating systems because of their lack of care for their users or their security.

I think this has a lot to do with the stupid ads telling everyone that Macs can't get viruses and that they are impervious to anything, which is a flat out lie. They should be sued for false advertisement over it, tricking users into a false sense of security. So their users don't think they need to change their passwords and probably don't even know how to (sounds too complicated from what the article mentioned), hey, they are Apple users after all.

It is not Apple's fault. For this worm to work, the user must have first jailbroken the device, then used Cydia (or similar) to install OpenSSH, and then despite knowing the device can be logged into as root with a well-known password, not bothered to either change the password or to turn SSH off using something like SBSettings.

Would anyone here really be stupid enough to leave the root account wide open on their iPhone/iTouch by installing OpenSSH and not realising the risk it poses?

I didn't know ssh wasn't installed by default (I don't own an iPhone, nor have I used one). I guess people shouldn't be jailbreaking if they have no clue about open ports or services running in the background. Is it required to install SSH or are people just installing it for the hell of it because they think they need it?

Many people install SSH because it provides a convenient way to freely access the entire file-system of the iPhone from another computer. Quite a few people who jailbreak might be reading some sort of potted guide on how to do it, without realising the implications of some of the steps, but anyone who actually has a genuine use for SSH would surely realise the security implications of allowing access to the entire device via a well known password.

I suppose if someone was following a jailbreaking guide which simply said "Step x. go into Cydia, search for OpenSSH and install it" then ordinary users could be excused for not changing the password or disabling it most of the time (assuming their guide didn't tell them to do either of the two as the following steps).

I'd say that people should not jailbreak unless they are aware of what the risks are, and in particular any risks associated with subsequent installs from Cydia or elsewhere (cracked IPAs for instance).